iaik.security.cipher

Class AESCBCCMac192

java.lang.Object

javax.crypto.CipherSpi

iaik.security.cipher.AESCBCCMac192

public class AESCBCCMac192
extends javax.crypto.CipherSpi

Implements the AES-CBC-CMAC authenticated encryption algorithm for 192 bit AES keys as defined by the BSI Technical Guideline TR-03109-1.

AES-CBC-CMAC represents an Encrypt-Then-Mac technology that uses the CmacAES algorithm for calculating a message authentication code on the data encrypted with AES in CBC mode. This class uses a 192 bit AES key for data encryption and expects a 192 bit AES key for MAC calculation.

You should call Cipher.getInstance with the "AESCBCCMac192/CBC/PKCS5Padding" or "AESCMac192/CBC/PKCS5Padding" algorithm transform name to get a Cipher object for the AES-CBC-CMAC cipher. The specified operation mode and padding scheme must be CBC mode and PKCS5Padding.
Note that an AES-CBC-CMAC key represents the concatenation of cipher (encryption) key and MAC key (see TR-03109-1): Key = Key_enc||Key_MAC. Thus a 2*192=384bit key is used for AES-CBC-CMAC-192.

By default AES-CBC-CMAC uses a 16-byte initialization vector of all zeros and produces a 16-byte MAC value. However, initialization vector and desired mac length may be specified as CBC-CMAC parameters (see TR-03109-1):

 CBC-CMAC-Param ::= SEQUENCE {
   aes-iV OCTET STRING 
   aes-MacLen INTEGER (12 | 13 | 14 | 15 | 16) DEFAULT 16 } 
 

e.g.:

 // generate key
 KeyGenerator keyGen = KeyGenerator.getInstance("AESCBCCMac192", "IAIK");
 SecretKey secretKey = keyGen.generateKey();
 // optionally generate parameters:
 byte[] iv = new byte[16];
 SecureRandom rand = ...;
 rand.nextBytes(iv);
 CBCCMacParameterSpec paramSpec = new CBCCMacParameterSpec(iv); 
 
 // get Cipher and init it for encryption
 Cipher cipher = Cipher.getInstance("AESCBCCMac192/CBC/PKCS5Padding", "IAIK");
 xipher.init(Cipher.ENCRYPT_MODE, secretKey, paramSpec);
 // encrypt data
 byte[] cipherText = cipher.doFinal(data);
 // get the initialization vector and calculated mac from the cipher
 AlgorithmParameters params = cipher.getParameters;
 paramSpec = (CBCCMacParameterSpec)params.getParameterSpec(CBCCMacParameterSpec.class);
 

When decrypting the encrypted message the initialization vector and the mac value have to be provided as parameters:

    
 Cipher cipher = Cipher.getInstance("AESCBCCMac192/CBC/PKCS5Padding", "IAIK");
 cipher.init(Cipher.DECRYPT_MODE, secretKey, paramSpec);
 byte[] plainText = cipher.doFinal(cipherText);
 

Version:

File Revision 11

See Also:

Cipher, CBCCMacParameterSpec, CBCCMacParameters

Constructor Summary

Constructors

Constructor and Description
AESCBCCMac192() Creates a AESCBCCMac192 Cipher object.

Method Summary

Methods

Modifier and Type	Method and Description
byte[]	engineDoFinal(byte[] in, int inOff, int inLen) Returns the result of the last step of a multi-step en/decryption operation or the result of a single-step en/decryption operation by processing the given input data and any remaining buffered data.
int	engineDoFinal(byte[] in, int inOff, int inLen, byte[] out, int outOff) Performs the last step of a multi-step en/decryption operation or a single-step en/decryption operation by processing the given input data and any remaining buffered data.
int	engineGetBlockSize() Returns the block size corresponding to this cipher.
byte[]	engineGetIV() Returns a byte array containing the initialization vector (IV).
protected int	engineGetKeySize(java.security.Key key)
int	engineGetOutputSize(int inLen) Returns the output buffer size necessary for capturing the data resulting from the next update or doFinal operation including any data currently being buffered.
java.security.AlgorithmParameters	engineGetParameters() Gets the algorithm parameters used/generated by this Cipher engine.
void	engineInit(int opmode, java.security.Key key, java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random) Initializes this cipher object with proper key and algorithm parameter values, and some random seed.
void	engineInit(int opmode, java.security.Key key, java.security.AlgorithmParameters params, java.security.SecureRandom random) Initializes this cipher object with proper key and algorithm parameter values, and some random seed.
void	engineInit(int opmode, java.security.Key key, java.security.SecureRandom random) Initializes this cipher object with a proper key and some random seed.
void	engineSetMode(java.lang.String cipherMode) Sets the mode of this cipher.
void	engineSetPadding(java.lang.String paddingName) Sets the padding scheme of this cipher.
protected java.security.Key	engineUnwrap(byte[] wrappedKey, java.lang.String wrappedKeyAlgorithm, int wrappedKeyType)
byte[]	engineUpdate(byte[] in, int inOff, int inLen) This method is used to encrypt or decrypt chunks of data of any length.
int	engineUpdate(byte[] in, int inOff, int inLen, byte[] out, int outOff) This method is used to encrypt or decrypt chunks of data of any length.
protected void	engineUpdateAAD(byte[] src, int offset, int len)
protected byte[]	engineWrap(java.security.Key key)
int	getModeBlockSize() Returns the block size corresponding to the actual cipher mode.
java.lang.String	toString() Returns a string representation of this Cipher.

Methods inherited from class javax.crypto.CipherSpi

engineDoFinal, engineUpdate, engineUpdateAAD

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

AESCBCCMac192

public AESCBCCMac192()
              throws java.security.NoSuchAlgorithmException

Creates a AESCBCCMac192 Cipher object.
Applications shall not call this constructor to get, they shall call one of the Cipher.getInstance factory methods instead:

 Cipher cipher = Cipher.getInstance("AESCBCCMac192/CBC/PKCS5Padding", "IAIK"); 
 

Throws:

java.security.NoSuchAlgorithmException

See Also:

Cipher.getInstance(java.lang.String)

Method Detail

engineInit

public void engineInit(int opmode,
              java.security.Key key,
              java.security.spec.AlgorithmParameterSpec params,
              java.security.SecureRandom random)
                throws java.security.InvalidKeyException,
                       java.security.InvalidAlgorithmParameterException

Initializes this cipher object with proper key and algorithm parameter values, and some random seed.

Before a cipher object is ready for data processing, it has to be initialized according to the desired cryptographic operation, which is specified by the opmode parameter (either ENCRYPT_MODE or DECCRYPT_MODE), e.g.:

 cipher_obj.init(Cipher.ENCRYPT_MODE, key, alg_params, random_seed);
 

The Cipher init will call the proper CipherSpi engineInit method.

Specified by:

engineInit in class javax.crypto.CipherSpi

Parameters:

opmode - the operation mode for which this cipher is used (ENCRYPT_MODE or DECRYPT_MODE)

key - the key

params - the algorithm parameters

random - the random seed

Throws:

java.security.InvalidKeyException - if the given key cannot be used for initializing this cipher

java.security.InvalidAlgorithmParameterException - if the given algorithm parameters don't match to this cipher

See Also:

Cipher.init(int, java.security.Key), CipherSpi.engineInit(int, java.security.Key, java.security.SecureRandom)

engineInit

public void engineInit(int opmode,
              java.security.Key key,
              java.security.SecureRandom random)
                throws java.security.InvalidKeyException

Initializes this cipher object with a proper key and some random seed.

Before a cipher object is ready for data processing, it has to be initialized according to the desired cryptographic operation, which is specified by the opmode parameter (either ENCRYPT_MODE or DECCRYPT_MODE), e.g.:

 cipher_obj.init(Cipher.ENCRYPT_MODE, key, random_seed);
 

The Cipher init will call the proper CipherSpi engineInit method.

If this cipher (including its underlying feedback or padding scheme) requires any random bytes, it will get them from random.

Specified by:

engineInit in class javax.crypto.CipherSpi

Parameters:

opmode - the operation mode for which this cipher is used (ENCRYPT_MODE or DECRYPT_MODE)

key - the key

random - the random seed

Throws:

java.security.InvalidKeyException - if the given key cannot be used for initializing this cipher

See Also:

Cipher.init(int, java.security.Key), CipherSpi.engineInit(int, java.security.Key, java.security.SecureRandom)

engineInit

public void engineInit(int opmode,
              java.security.Key key,
              java.security.AlgorithmParameters params,
              java.security.SecureRandom random)
                throws java.security.InvalidKeyException,
                       java.security.InvalidAlgorithmParameterException

Initializes this cipher object with proper key and algorithm parameter values, and some random seed.

Before a cipher object is ready for data processing, it has to be initialized according to the desired cryptographic operation, which is specified by the opmode parameter (either ENCRYPT_MODE or DECCRYPT_MODE), e.g.:

 cipher_obj.init(Cipher.ENCRYPT_MODE, key, alg_params, random_seed);
 

The Cipher init will call the proper CipherSpi engineInit method.

Specified by:

engineInit in class javax.crypto.CipherSpi

Parameters:

opmode - the operation mode for which this cipher is used (ENCRYPT_MODE or DECRYPT_MODE)

key - the key

params - the algorithm parameters

random - the random seed

Throws:

java.security.InvalidKeyException - if the given key cannot be used for initializing this cipher

java.security.InvalidAlgorithmParameterException - if the given algorithm parameters don't match to this cipher

See Also:

Cipher.init(int, java.security.Key), CipherSpi.engineInit(int, java.security.Key, java.security.SecureRandom)

engineGetParameters

public java.security.AlgorithmParameters engineGetParameters()

Gets the algorithm parameters used/generated by this Cipher engine.

Specified by:

engineGetParameters in class javax.crypto.CipherSpi

Returns:

the algorithm parameters

engineSetPadding

public void engineSetPadding(java.lang.String paddingName)
                      throws javax.crypto.NoSuchPaddingException

Sets the padding scheme of this cipher.

Specified by:

engineSetPadding in class javax.crypto.CipherSpi

Parameters:

paddingName - the name of the padding scheme

Throws:

javax.crypto.NoSuchPaddingException - if this padding scheme is not supported

See Also:

CipherSpi.engineSetPadding(java.lang.String)

engineSetMode

public void engineSetMode(java.lang.String cipherMode)
                   throws java.security.NoSuchAlgorithmException

Sets the mode of this cipher.

Specified by:

engineSetMode in class javax.crypto.CipherSpi

Parameters:

cipherMode - the cipher mode

Throws:

java.security.NoSuchAlgorithmException - if this cipher mode is not supported

See Also:

CipherSpi.engineSetMode(java.lang.String)

engineUpdate

public byte[] engineUpdate(byte[] in,
                  int inOff,
                  int inLen)

This method is used to encrypt or decrypt chunks of data of any length. To get the last data in the buffer use a doFinal() method. This method will automatically allocate an output buffer of the right size.

Specified by:

engineUpdate in class javax.crypto.CipherSpi

Parameters:

in - the input data.

inOff - the offset indicating where the subarray starts in the in array.

inLen - the length of the subarray.

Returns:

array containing the en/decrypted data

See Also:

BufferedCipher.engineDoFinal(byte[], int, int, byte[], int), Cipher.doFinal(), Cipher.update(byte[]), CipherSpi.engineUpdate(byte[], int, int)

engineUpdate

public int engineUpdate(byte[] in,
               int inOff,
               int inLen,
               byte[] out,
               int outOff)
                 throws javax.crypto.ShortBufferException

This method is used to encrypt or decrypt chunks of data of any length. To get get the last data in the buffer use a doFinal() method.

Specified by:

engineUpdate in class javax.crypto.CipherSpi

Parameters:

in - the input data.

inOff - the offset indicating where the subarray starts in the in array.

inLen - the length of the subarray.

out - the output buffer.

outOff - the offset indicating where to start writing the result into the output buffer.

Returns:

number of bytes written to out array.

Throws:

javax.crypto.ShortBufferException - if the buffer size is to short

See Also:

BufferedCipher.engineDoFinal(byte[], int, int, byte[], int), Cipher.doFinal(), Cipher.update(byte[]), CipherSpi.engineUpdate(byte[], int, int)

engineUpdateAAD

protected void engineUpdateAAD(byte[] src,
                   int offset,
                   int len)

Overrides:

engineUpdateAAD in class javax.crypto.CipherSpi

engineGetOutputSize

public int engineGetOutputSize(int inLen)

Returns the output buffer size necessary for capturing the data resulting from the next update or doFinal operation including any data currently being buffered.

Specified by:

engineGetOutputSize in class javax.crypto.CipherSpi

Parameters:

inLen - the number of bytes to process

Returns:

the size of the output buffer (in bytes)

See Also:

Cipher.getOutputSize(int), CipherSpi.engineGetOutputSize(int)

engineGetIV

public byte[] engineGetIV()

Returns a byte array containing the initialization vector (IV). If the algorithm corresponding to this cipher object does not use an initialization vector, null is returned.

Specified by:

engineGetIV in class javax.crypto.CipherSpi

Returns:

the initialization vector in a byte array if this cipher object operates with an IV and the IV already has been set, null otherwise.

See Also:

Cipher.getIV(), CipherSpi.engineGetIV()

getModeBlockSize

public int getModeBlockSize()

Returns the block size corresponding to the actual cipher mode. This may differ from the actual block size of the cipher in the OFB, CFB and CTR mode. This is the input size that an application must supply to an update call to get an output.

Returns:

The block size (in bytes) of the current mode. This is always at least one.

engineGetBlockSize

public int engineGetBlockSize()

Returns the block size corresponding to this cipher. The block size is returned in bytes. If the implemented algorithm is not a block cipher, 0 is returned.

Specified by:

engineGetBlockSize in class javax.crypto.CipherSpi

Returns:

the block size (in bytes) if this cipher is a block cipher, 0 otherwise.

See Also:

Cipher.getBlockSize(), CipherSpi.engineGetBlockSize()

engineDoFinal

public int engineDoFinal(byte[] in,
                int inOff,
                int inLen,
                byte[] out,
                int outOff)
                  throws javax.crypto.ShortBufferException,
                         javax.crypto.IllegalBlockSizeException,
                         javax.crypto.BadPaddingException

Performs the last step of a multi-step en/decryption operation or a single-step en/decryption operation by processing the given input data and any remaining buffered data.

The data to be processed is given in an input byte array. Beginning at inputOffset, only the first inputLen bytes are en/decrypted, including any buffered bytes of a previous update operation. If necessary, padding is performed. The result is stored in the given output byte array, beginning at outputOffset. The number of bytes stored in this byte array are returned.

Specified by:

engineDoFinal in class javax.crypto.CipherSpi

Parameters:

in - the byte array holding the data to be processed

inOff - the offset indicating the start position within the input byte array

inLen - the number of bytes to be processed

out - the byte array for holding the result

outOff - the offset indicating the start position within the output byte array to which the en/decrypted data is written

Returns:

the number of bytes stored in the output byte array

Throws:

javax.crypto.ShortBufferException - if the given output buffer is too small for holding the result

javax.crypto.IllegalBlockSizeException - if the total length of the processed data is not a multiple of the block size for a (no padding performing) block cipher

javax.crypto.BadPaddingException - if the decrypted data is not bounded by the proper padding bytes after data decryption including (un)padding

See Also:

Cipher.doFinal(), CipherSpi.engineDoFinal(byte[], int, int)

engineDoFinal

public byte[] engineDoFinal(byte[] in,
                   int inOff,
                   int inLen)
                     throws javax.crypto.IllegalBlockSizeException,
                            javax.crypto.BadPaddingException

Returns the result of the last step of a multi-step en/decryption operation or the result of a single-step en/decryption operation by processing the given input data and any remaining buffered data.

The data to be processed is given in an input byte array. Beginning at inputOffset, only the first inputLen bytes are en/decrypted, including any buffered bytes of a previous update operation. If necessary, padding is performed. The result is returned as a output byte array.

Specified by:

engineDoFinal in class javax.crypto.CipherSpi

Parameters:

in - the byte array holding the data to be processed

inOff - the offset indicating the start position within the input byte array

inLen - the number of bytes to be processed

Returns:

the byte array containing the en/decrypted data

Throws:

javax.crypto.IllegalBlockSizeException - if the total length of the processed data is not a multiple of the block size for a (no padding performing) block cipher

javax.crypto.BadPaddingException - if the decrypted data is not bounded by the proper padding bytes after data decryption including (un)padding

See Also:

Cipher.doFinal(), CipherSpi.engineDoFinal(byte[], int, int)

toString

public java.lang.String toString()

Returns a string representation of this Cipher.

Overrides:

toString in class java.lang.Object

Returns:

a string representation

engineGetKeySize

protected int engineGetKeySize(java.security.Key key)
                        throws java.security.InvalidKeyException

Overrides:

engineGetKeySize in class javax.crypto.CipherSpi

Throws:

java.security.InvalidKeyException

engineWrap

protected byte[] engineWrap(java.security.Key key)
                     throws javax.crypto.IllegalBlockSizeException,
                            java.security.InvalidKeyException

Overrides:

engineWrap in class javax.crypto.CipherSpi

Throws:

javax.crypto.IllegalBlockSizeException

java.security.InvalidKeyException

engineUnwrap

protected java.security.Key engineUnwrap(byte[] wrappedKey,
                             java.lang.String wrappedKeyAlgorithm,
                             int wrappedKeyType)
                                  throws java.security.InvalidKeyException,
                                         java.security.NoSuchAlgorithmException

Overrides:

engineUnwrap in class javax.crypto.CipherSpi

Throws:

java.security.InvalidKeyException

java.security.NoSuchAlgorithmException